/*
 * @(#)UserRolePermission.java
 *
 * Copyright (c) 2003 DCIVision Ltd
 * All rights reserved.
 *
 * This software is the confidential and proprietary information of DCIVision
 * Ltd ("Confidential Information").  You shall not disclose such Confidential
 * Information and shall use it only in accordance with the terms of the license
 * agreement you entered into with DCIVision Ltd.
 */
package com.dcivision.user.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.List;
import java.util.Vector;

import com.dcivision.framework.ApplicationException;
import com.dcivision.framework.DataSourceFactory;
import com.dcivision.framework.ErrorConstant;
import com.dcivision.framework.GlobalConstant;
import com.dcivision.framework.SessionContainer;
import com.dcivision.framework.TextUtility;
import com.dcivision.framework.UserInfoFactory;
import com.dcivision.framework.Utility;
import com.dcivision.framework.bean.AbstractBaseObject;
import com.dcivision.framework.dao.AbstractDAObject;
import com.dcivision.framework.web.AbstractSearchForm;
import com.dcivision.user.bean.MtmUserRecordUserRole;
import com.dcivision.user.bean.UserRolePermission;

/**
  UserRolePermissionDAObject.java

  This class is the data access bean for table "USER_ROLE_PERMISSION".

  @author      Angus Shiu
  @company     DCIVision Limited
  @creation date   17/07/2003
  @version     $Revision: 1.29 $
*/

public class UserRolePermissionDAObject extends AbstractDAObject {

  public static final String REVISION = "$Revision: 1.29 $";

  public static final String TABLE_NAME = "USER_ROLE_PERMISSION";

  public UserRolePermissionDAObject(SessionContainer sessionContainer, Connection dbConn) {
    super(sessionContainer, dbConn);
  }

  protected void initDBSetting() {
    this.baseTableName = TABLE_NAME;
    this.vecDBColumn.add("ID");
    this.vecDBColumn.add("USER_ROLE_ID");
    this.vecDBColumn.add("OBJECT_TYPE");
    this.vecDBColumn.add("OBJECT_ID");
    this.vecDBColumn.add("PERMISSION");
    this.vecDBColumn.add("MUST_FLAG");
    this.vecDBColumn.add("START_TIME");
    this.vecDBColumn.add("END_TIME");
    this.vecDBColumn.add("GRANTER_USER_RECORD_ID");
    this.vecDBColumn.add("CAN_GRANT");
    this.vecDBColumn.add("RECORD_STATUS");
    this.vecDBColumn.add("UPDATE_COUNT");
    this.vecDBColumn.add("CREATOR_ID");
    this.vecDBColumn.add("CREATE_DATE");
    this.vecDBColumn.add("UPDATER_ID");
    this.vecDBColumn.add("UPDATE_DATE");
  }

  protected synchronized AbstractBaseObject getByID(Integer id) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();

    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT A.ID, A.USER_ROLE_ID, A.OBJECT_TYPE, A.OBJECT_ID, A.PERMISSION, A.MUST_FLAG, A.START_TIME, A.END_TIME, A.GRANTER_USER_RECORD_ID, A.CAN_GRANT, A.RECORD_STATUS, A.UPDATE_COUNT, A.CREATOR_ID, A.CREATE_DATE, A.UPDATER_ID, A.UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION A ");
        sqlStat.append("WHERE  A.ID = ? AND A.RECORD_STATUS = ? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        this.setPrepareStatement(preStat, 1, id);
        this.setPrepareStatement(preStat, 2, GlobalConstant.RECORD_STATUS_ACTIVE);
        rs = preStat.executeQuery();
        if (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          return(tmpUserRolePermission);
        } else {
          throw new ApplicationException(ErrorConstant.DB_RECORD_NOT_FOUND_ERROR);
        }
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  protected synchronized List getList(AbstractSearchForm searchForm) throws ApplicationException {
    PreparedStatement preStat = null;
    PreparedStatement preStatCnt = null;
    ResultSet rs = null;
    ResultSet rsCnt = null;
    StringBuffer sqlStat = new StringBuffer();
    StringBuffer sqlStatCnt = new StringBuffer();
    List result = new ArrayList();
    int totalNumOfRecord = 0;
    int rowLoopCnt = 0;
    int startOffset = TextUtility.parseInteger(searchForm.getCurStartRowNo());
    int pageSize = TextUtility.parseInteger(searchForm.getPageOffset());

    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT A.ID, A.USER_ROLE_ID, A.OBJECT_TYPE, A.OBJECT_ID, A.PERMISSION, A.MUST_FLAG, A.START_TIME, A.END_TIME, A.GRANTER_USER_RECORD_ID, A.CAN_GRANT, A.RECORD_STATUS, A.UPDATE_COUNT, A.CREATOR_ID, A.CREATE_DATE, A.UPDATER_ID, A.UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION A ");
        sqlStat.append("WHERE  A.RECORD_STATUS = ? ");

        // Form the WHERE clause for filtering.
        if (searchForm.isSearchable()) {
          String searchField = getSearchColumn(searchForm.getBasicSearchField());
          sqlStat.append("AND  " + searchField + " " + searchForm.getBasicSearchType() + " ? ");
        }

        //format the sql for any 'LIKE' statement contained
        sqlStat = this.getFormattedSQL(sqlStat.toString());

        // Form the ORDER clause for sorting.
        if (searchForm.isSortable()) {
          String sortAttribute = searchForm.getSortAttribute();
          if (sortAttribute.indexOf(".") < 0) {
            sortAttribute = "A." + sortAttribute;
          }
          sqlStat.append("ORDER BY " + sortAttribute + " " + searchForm.getSortOrder());
        }

        // Get total number of record return.
        sqlStatCnt = this.getSelectCountSQL(sqlStat);
        preStatCnt = dbConn.prepareStatement(sqlStatCnt.toString());
        this.setPrepareStatement(preStatCnt, 1, GlobalConstant.RECORD_STATUS_ACTIVE);
        if (searchForm.isSearchable()) {
          String searchKeyword = this.getFormattedKeyword(searchForm.getBasicSearchKeyword(), searchForm.getBasicSearchType());
          this.setPrepareStatement(preStatCnt, 2, searchKeyword);
        }
        rsCnt = preStatCnt.executeQuery();
        if (rsCnt.next()) {
          totalNumOfRecord = rsCnt.getInt(1);
        }
        try { rsCnt.close(); } catch (Exception ignore) {} finally { rsCnt = null; }
        try { preStatCnt.close(); } catch (Exception ignore) {} finally { preStatCnt = null; }

        // Retrieve the result in row basis.
        sqlStat = this.getSelectListSQL(sqlStat, startOffset, pageSize);
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        this.setPrepareStatement(preStat, 1, GlobalConstant.RECORD_STATUS_ACTIVE);
        if (searchForm.isSearchable()) {
          String searchKeyword = this.getFormattedKeyword(searchForm.getBasicSearchKeyword(), searchForm.getBasicSearchType());
          this.setPrepareStatement(preStat, 2, searchKeyword);
        }
        rs = preStat.executeQuery();

        this.positionCursor(rs, startOffset, pageSize);

        while (rs.next() && rowLoopCnt<pageSize) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          tmpUserRolePermission.setRecordCount(totalNumOfRecord);
          tmpUserRolePermission.setRowNum(startOffset++);
          ++rowLoopCnt;
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
        try { rsCnt.close(); } catch (Exception ignore) {} finally { rsCnt = null; }
        try { preStatCnt.close(); } catch (Exception ignore) {} finally { preStatCnt = null; }
      }
    }
  }

  protected synchronized List getList() throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();

    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT A.ID, A.USER_ROLE_ID, A.OBJECT_TYPE, A.OBJECT_ID, A.PERMISSION, A.MUST_FLAG, A.START_TIME, A.END_TIME, A.GRANTER_USER_RECORD_ID, A.CAN_GRANT, A.RECORD_STATUS, A.UPDATE_COUNT, A.CREATOR_ID, A.CREATE_DATE, A.UPDATER_ID, A.UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION A ");
        sqlStat.append("WHERE  A.RECORD_STATUS = ? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        this.setPrepareStatement(preStat, 1, GlobalConstant.RECORD_STATUS_ACTIVE);
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  protected void validateInsert(AbstractBaseObject obj) throws ApplicationException {
  }

  protected void validateUpdate(AbstractBaseObject obj) throws ApplicationException {
  }

  protected void validateDelete(AbstractBaseObject obj) throws ApplicationException {
  }

  protected synchronized AbstractBaseObject insert(AbstractBaseObject obj) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();
    UserRolePermission tmpUserRolePermission = (UserRolePermission)((UserRolePermission)obj).clone();

    synchronized(dbConn) {
      try {
        Integer nextID = getNextPrimaryID();
        Timestamp currTime = Utility.getCurrentTimestamp();
        sqlStat.append("INSERT ");
        sqlStat.append("INTO   USER_ROLE_PERMISSION(ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, START_TIME, END_TIME, GRANTER_USER_RECORD_ID, CAN_GRANT, RECORD_STATUS, UPDATE_COUNT, CREATOR_ID, CREATE_DATE, UPDATER_ID, UPDATE_DATE) ");
        sqlStat.append("VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, nextID);
        setPrepareStatement(preStat, 2, tmpUserRolePermission.getUserRoleID());
        setPrepareStatement(preStat, 3, tmpUserRolePermission.getObjectType());
        setPrepareStatement(preStat, 4, tmpUserRolePermission.getObjectID());
        setPrepareStatement(preStat, 5, tmpUserRolePermission.getPermission());
        setPrepareStatement(preStat, 6, tmpUserRolePermission.getMustFlag() ? GlobalConstant.TRUE : GlobalConstant.FALSE);
        setPrepareStatement(preStat, 7, tmpUserRolePermission.getStartTime());
        setPrepareStatement(preStat, 8, tmpUserRolePermission.getEndTime());
        setPrepareStatement(preStat, 9, tmpUserRolePermission.getGranterUserRecordID());
        setPrepareStatement(preStat, 10, tmpUserRolePermission.getCanGrant());
        setPrepareStatement(preStat, 11, GlobalConstant.RECORD_STATUS_ACTIVE);
        setPrepareStatement(preStat, 12, new Integer(0));
        setPrepareStatement(preStat, 13, sessionContainer.getUserRecordID());
        setPrepareStatement(preStat, 14, currTime);
        setPrepareStatement(preStat, 15, sessionContainer.getUserRecordID());
        setPrepareStatement(preStat, 16, currTime);
        preStat.executeUpdate();
        tmpUserRolePermission.setID(nextID);
        tmpUserRolePermission.setCreatorID(sessionContainer.getUserRecordID());
        tmpUserRolePermission.setCreateDate(currTime);
        tmpUserRolePermission.setUpdaterID(sessionContainer.getUserRecordID());
        tmpUserRolePermission.setUpdateDate(currTime);
        tmpUserRolePermission.setUpdateCount(new Integer(0));
        tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
        tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
        return(tmpUserRolePermission);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_INSERT_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  protected synchronized AbstractBaseObject update(AbstractBaseObject obj) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();
    UserRolePermission tmpUserRolePermission = (UserRolePermission)((UserRolePermission)obj).clone();

    synchronized(dbConn) {
      try {
        int updateCnt = 0;
        Timestamp currTime = Utility.getCurrentTimestamp();
        sqlStat.append("UPDATE USER_ROLE_PERMISSION ");
        sqlStat.append("SET  USER_ROLE_ID=?, OBJECT_TYPE=?, OBJECT_ID=?, PERMISSION=?, MUST_FLAG=?, START_TIME=?, END_TIME=?, GRANTER_USER_RECORD_ID=?, CAN_GRANT=?, UPDATE_COUNT=?, UPDATER_ID=?, UPDATE_DATE=? ");
        sqlStat.append("WHERE  ID=? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, tmpUserRolePermission.getUserRoleID());
        setPrepareStatement(preStat, 2, tmpUserRolePermission.getObjectType());
        setPrepareStatement(preStat, 3, tmpUserRolePermission.getObjectID());
        setPrepareStatement(preStat, 4, tmpUserRolePermission.getPermission());
        setPrepareStatement(preStat, 5, tmpUserRolePermission.getMustFlag() ? GlobalConstant.TRUE : GlobalConstant.FALSE);
        setPrepareStatement(preStat, 6, tmpUserRolePermission.getStartTime());
        setPrepareStatement(preStat, 7, tmpUserRolePermission.getEndTime());
        setPrepareStatement(preStat, 8, tmpUserRolePermission.getGranterUserRecordID());
        setPrepareStatement(preStat, 9, tmpUserRolePermission.getCanGrant());
        setPrepareStatement(preStat, 10, new Integer(tmpUserRolePermission.getUpdateCount().intValue() + 1));
        setPrepareStatement(preStat, 11, sessionContainer.getUserRecordID());
        setPrepareStatement(preStat, 12, currTime);
        setPrepareStatement(preStat, 13, tmpUserRolePermission.getID());
        updateCnt = preStat.executeUpdate();
        if (updateCnt == 0) {
          throw new ApplicationException(ErrorConstant.DB_CONCURRENT_ERROR);
        } else {
          tmpUserRolePermission.setUpdaterID(sessionContainer.getUserRecordID());
          tmpUserRolePermission.setUpdateDate(currTime);
          tmpUserRolePermission.setUpdateCount(new Integer(tmpUserRolePermission.getUpdateCount().intValue() + 1));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          return(tmpUserRolePermission);
        }
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_UPDATE_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  protected synchronized AbstractBaseObject delete(AbstractBaseObject obj) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();
    UserRolePermission tmpUserRolePermission = (UserRolePermission)((UserRolePermission)obj).clone();

    synchronized(dbConn) {
      try {
        int updateCnt = 0;
        sqlStat.append("DELETE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  ID=? AND UPDATE_COUNT=? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, tmpUserRolePermission.getID());
        setPrepareStatement(preStat, 2, tmpUserRolePermission.getUpdateCount());
        updateCnt = preStat.executeUpdate();
        if (updateCnt == 0) {
          throw new ApplicationException(ErrorConstant.DB_CONCURRENT_ERROR);
        } else {
          return(tmpUserRolePermission);
        }
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_DELETE_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  protected synchronized void auditTrail(String opMode, AbstractBaseObject obj) throws ApplicationException {
    Vector oldValues = new Vector();
    Vector newValues = new Vector();
    UserRolePermission tmpUserRolePermission = (UserRolePermission)this.oldValue;

    if (tmpUserRolePermission != null) {
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getUserRoleID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getObjectType()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getObjectID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getPermission()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getMustFlag() ? GlobalConstant.TRUE : GlobalConstant.FALSE));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getStartTime()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getEndTime()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getGranterUserRecordID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getCanGrant()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getRecordStatus()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdateCount()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getCreatorID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getCreateDate()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdaterID()));
      oldValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdateDate()));
    }

    tmpUserRolePermission = (UserRolePermission)obj;
    if (tmpUserRolePermission != null) {
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getUserRoleID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getObjectType()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getObjectID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getPermission()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getMustFlag() ? GlobalConstant.TRUE : GlobalConstant.FALSE));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getStartTime()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getEndTime()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getGranterUserRecordID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getCanGrant()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getRecordStatus()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdateCount()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getCreatorID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getCreateDate()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdaterID()));
      newValues.add(toAuditTrailValue(tmpUserRolePermission.getUpdateDate()));
    }

    auditTrailBase(opMode, oldValues, newValues);
  }

  /***********************************************************************
   * DON'T Modify the codes above unless you know what you are doing!!!  *
   * Put your own functions beblow.                                      *
   * For FINDER methods, the function name should be in the notation:    *
   *   public Object getObjectBy<Criteria>()                             *
   *   - e.g. public Object getObjectByCode()                            *
   *   public List getListBy<Criteria>()                                 *
   *   - e.g. public List getListByUserID()                              *
   * For OPERATION methods, the function name should be in the notation: *
   *   public void <Operation>ObjectBy<Criteria>()                       *
   *   - e.g. public void deleteObjectByCode()                           *
   *   public void <Operation>ListBy<Criteria>()                         *
   *   - e.g. public void deleteListByUserID()                           *
   ***********************************************************************/
  public synchronized List getListByUserRoleID(Integer userRoleID) throws ApplicationException {
    return(this.getListByUserRoleIDObjectType(userRoleID, GlobalConstant.OBJECT_TYPE_ALL));
  }

  public synchronized List getListByUserRoleIDObjectType(Integer userRoleID, String objType) throws ApplicationException {
    return(this.getListByUserRoleIDObjectTypeObjectID(userRoleID, objType, null));
  }

  public synchronized List getListByUserRoleIDObjectTypeObjectID(Integer userRoleID, String objType, Integer objID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, START_TIME, END_TIME, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, RECORD_STATUS, UPDATE_COUNT, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  USER_ROLE_ID=? ");
        if (!GlobalConstant.OBJECT_TYPE_ALL.equals(objType)) {
          sqlStat.append("AND OBJECT_TYPE=? ");
        }
        if (objID!=null) {
          sqlStat.append("AND OBJECT_ID=? ");
        }
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        this.setPrepareStatement(preStat, 1, userRoleID);
        if (!GlobalConstant.OBJECT_TYPE_ALL.equals(objType)) {
          setPrepareStatement(preStat, 2, objType);
        }
        if (objID!=null) {
          setPrepareStatement(preStat, 3, objID);
        }
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }
  
  /**
   * Retrieve the permission string (access control list) of a particular entity that a user role has right to access
   * @param userRoleID	The user role to query for (mandatory)
   * @param objType	The entity object type (mandatory)
   * @param objID	The entity ID (mandatory)
   * @return	The permission string that the user role can access on that entity, return empty string if that user role 
   *            has no access right on it.
   */
  public synchronized List getPermissionListByUserRoleIDObjectTypeObjectID(Integer[] userRoleIDs, String objType, Integer objID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List permissions = new ArrayList();
    
    //return empty list if the userRoleIDs are empty
    if(userRoleIDs!=null && userRoleIDs.length>0){
      synchronized(dbConn) {													              
        try {															              
          sqlStat.append("SELECT PERMISSION ");											
          sqlStat.append("FROM   USER_ROLE_PERMISSION ");										
          sqlStat.append("WHERE  ");												              
      																
          int len = userRoleIDs.length;        											
          sqlStat.append("(");													
          for(int i=0;i<len;i++){													
            sqlStat.append("USER_ROLE_ID=? ");											
            if(i < len-1) sqlStat.append(" OR ");											
          }        														              
          sqlStat.append(") ");													
      																
          sqlStat.append("AND OBJECT_TYPE=? ");											
          sqlStat.append("AND OBJECT_ID=? ");											              	  
          
          preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);	
          int count = 1;														
          count = setPrepareStatement(preStat, count, userRoleIDs);								              
          setPrepareStatement(preStat, count++, objType);										
          setPrepareStatement(preStat, count, objID);										              
      																
          rs = preStat.executeQuery();												
          while (rs.next()) {													              
            permissions.add(getResultSetString(rs, 1));										
          }															                        
        } catch (ApplicationException appEx) {											
          throw appEx;														
        } catch (SQLException sqle) {												              
          log.error(sqle, sqle);													
          throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());					
        } catch (Exception e) {													
          log.error(e, e);													              
          throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);							              
        } finally {														              
          try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }							
          try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }					              
        }																
      }																
    }
    return permissions;													              
  }  

  public synchronized List getListByObjectTypeObjectID(String objType, Integer objID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, START_TIME, END_TIME, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, RECORD_STATUS, UPDATE_COUNT, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE=? AND OBJECT_ID=? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objType);
        setPrepareStatement(preStat, 2, objID);
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }
  
  public synchronized List getListByObjectTypeObjectIDUpdaterID(String objType, Integer objID, Integer updaterID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, START_TIME, END_TIME, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, RECORD_STATUS, UPDATE_COUNT, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE=? AND OBJECT_ID=? AND UPDATER_ID = ? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objType);
        setPrepareStatement(preStat, 2, objID);
        setPrepareStatement(preStat, 3, updaterID);
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized void deleteListByObjectTypeObjectID(String objectType, Integer objectID, List existIDList) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();

    synchronized(dbConn) {
      try {
        int updateCnt = 0;
        sqlStat.append("DELETE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE = ? AND OBJECT_ID = ? ");
        if (!Utility.isEmpty(existIDList)) {
          sqlStat.append("AND ID NOT IN (");
          sqlStat.append(existIDList.get(0));
          for (int i = 1; i < existIDList.size(); i++) {
            sqlStat.append(", " + existIDList.get(i));
          }
          sqlStat.append(") ");
        }

        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objectType);
        setPrepareStatement(preStat, 2, objectID);

        updateCnt = preStat.executeUpdate();
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_DELETE_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }
  
  public synchronized void deleteListByObjectTypeObjectIDUpdaterID(String objectType, Integer objectID, Integer updaterID) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();

    synchronized(dbConn) {
      try {
        int updateCnt = 0;
        sqlStat.append("DELETE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE = ? AND OBJECT_ID = ? AND UPDATER_ID = ? ");

        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objectType);
        setPrepareStatement(preStat, 2, objectID);
        setPrepareStatement(preStat, 3, updaterID);
        updateCnt = preStat.executeUpdate();
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_DELETE_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized void deleteListByObjectTypeUserRoleID(String objectType, Integer userRoleID, List existIDList) throws ApplicationException {
    PreparedStatement preStat = null;
    StringBuffer sqlStat = new StringBuffer();

    synchronized(dbConn) {
      try {
        int updateCnt = 0;
        sqlStat.append("DELETE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE = ? AND USER_ROLE_ID = ? ");
        if (!Utility.isEmpty(existIDList)) {
          sqlStat.append("AND ID NOT IN (");
          sqlStat.append(existIDList.get(0));
          for (int i = 1; i < existIDList.size(); i++) {
            sqlStat.append(", " + existIDList.get(i));
          }
          sqlStat.append(") ");
        }

        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objectType);
        setPrepareStatement(preStat, 2, userRoleID);

        updateCnt = preStat.executeUpdate();
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_DELETE_ERROR, e);
      } finally {
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized List getListByUserRoleIDObjectTypeParentID(Integer userRoleID, String objType, Integer parentID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    String joinTable = null;

    if (GlobalConstant.OBJECT_TYPE_FUNCTION.equals(objType)) {
      joinTable = "SYS_FUNCTION";
    } else if (GlobalConstant.OBJECT_TYPE_DOCUMENT.equals(objType)) {
      joinTable = "DMS_DOCUMENT";
    }

    synchronized(dbConn) {
      try {
        sqlStat.append(" SELECT URP.ID, URP.USER_ROLE_ID, URP.OBJECT_TYPE, URP.OBJECT_ID, URP.PERMISSION, URP.MUST_FLAG, URP.START_TIME, URP.END_TIME, URP.GRANTER_USER_RECORD_ID, URP.CAN_GRANT, URP.CREATOR_ID, URP.RECORD_STATUS, URP.UPDATE_COUNT, URP.CREATE_DATE, URP.UPDATER_ID, URP.UPDATE_DATE ");
        sqlStat.append(" FROM   USER_ROLE_PERMISSION URP LEFT JOIN " + joinTable + " SF ON URP.OBJECT_ID = SF.ID ");
        sqlStat.append(" WHERE  USER_ROLE_ID=? ");
        if (parentID!=null) {
          sqlStat.append("AND SF.PARENT_ID=? ");
        }
        if (!GlobalConstant.OBJECT_TYPE_ALL.equals(objType)) {
          sqlStat.append(" AND OBJECT_TYPE=? ");
        }

        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        int i=1;
        this.setPrepareStatement(preStat, i++, userRoleID);
        if (parentID!=null) {
          this.setPrepareStatement(preStat, i++, parentID);
        }
        if (!GlobalConstant.OBJECT_TYPE_ALL.equals(objType)) {
          setPrepareStatement(preStat, i++, objType);
        }

        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized List getListByUserRoleIDListObjectType(List userRoleIDList, String objType) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized (dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  (1=0 ");
        for (int i = 0; i < userRoleIDList.size(); i++) {
          sqlStat.append("OR USER_ROLE_ID=?  ");
        }
        sqlStat.append(") ");
        if (!"*".equals(objType)) {
          sqlStat.append("AND OBJECT_TYPE=? ");
        }
        preStat = dbConn.prepareStatement(sqlStat.toString());
        int nextInt = 0;
        for (int i = 0; i < userRoleIDList.size(); i++) {
          MtmUserRecordUserRole userRole = (MtmUserRecordUserRole)
              userRoleIDList.get(i);
          this.setPrepareStatement(preStat, i + 1, userRole.getUserRoleID());
        }
        if (!"*".equals(objType)) {
          setPrepareStatement(preStat, userRoleIDList.size() + 1, objType);
        }
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return (result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized List getListByUserRoleIDListStartEndDateForSchedule(List userRoleIDList, Timestamp startDate,Timestamp endDate) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized (dbConn) {
      try {
        sqlStat.append("SELECT A.ID, A.USER_ROLE_ID, A.OBJECT_TYPE, A.OBJECT_ID, A.PERMISSION, A.MUST_FLAG, A.GRANTER_USER_RECORD_ID, A.CAN_GRANT, A.CREATOR_ID, A.CREATE_DATE, A.UPDATER_ID, A.UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION A, CALENDAR_RECORD C ");
        sqlStat.append("WHERE  A.OBJECT_TYPE = 'C' AND A.OBJECT_ID = C.ID AND (1=0 ");
        for (int i = 0; i < userRoleIDList.size(); i++) {
          sqlStat.append("OR A.USER_ROLE_ID=?  ");
        }
        sqlStat.append(") ");

        if (DataSourceFactory.getDatabaseType() == DataSourceFactory.DB_ORACLE) {
          if ( (startDate != null) && (endDate != null)) {
        		sqlStat.append(" AND ((C.DATETIME BETWEEN TO_DATE('" + TextUtility.formatDate(startDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS') AND TO_DATE('" + TextUtility.formatDate(endDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS')) OR (C.ENDTIME BETWEEN TO_DATE('" + TextUtility.formatDate(startDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS') AND TO_DATE('" + TextUtility.formatDate(endDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS')) )");
          } else if (startDate != null) {
            sqlStat.append(" AND (C.DATETIME > TO_DATE('" + TextUtility.formatDate(startDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS'))");
          } else if (endDate != null) {
            sqlStat.append(" AND  (C.ENDTIME < TO_DATE('" + TextUtility.formatDate(endDate,"yyyy-MM-dd HH:mm:ss") + "', 'YYYY-MM-DD HH24:MI:SS'))");
          }
        } else {
          if ( (startDate != null) && (endDate != null)) {
                  sqlStat.append(" AND ((C.DATETIME BETWEEN '" + startDate + "' AND '" + endDate + "') OR (C.ENDTIME BETWEEN '" + startDate + "' AND '" + endDate + "') OR (C.DATETIME < '" + startDate + "' AND C.ENDTIME > '" + endDate + "')) ");
          } else if (startDate != null) {
              sqlStat.append(" AND (C.DATETIME > '" + startDate + "')");
          } else if (endDate != null) {
              sqlStat.append(" AND  (C.ENDTIME < '" + endDate + "')");
          }
        }

        sqlStat.append(" UNION ");
        sqlStat.append("SELECT A.ID, A.USER_ROLE_ID, A.OBJECT_TYPE, A.OBJECT_ID, A.PERMISSION, A.MUST_FLAG, A.GRANTER_USER_RECORD_ID, A.CAN_GRANT, A.CREATOR_ID, A.CREATE_DATE, A.UPDATER_ID, A.UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION A, CALENDAR_RECORD C, CALENDAR_RECUR R ");
        sqlStat.append("WHERE  A.OBJECT_TYPE = 'C' AND A.OBJECT_ID = C.ID AND C.ID = R.CALENDAR_ID AND (1=0 ");
        for (int i = 0; i < userRoleIDList.size(); i++) {
          sqlStat.append("OR A.USER_ROLE_ID=?  ");
        }
        sqlStat.append(") ");
      
        preStat = dbConn.prepareStatement(sqlStat.toString());
        int nextInt = 0;
        for (int i = 0; i < userRoleIDList.size(); i++) {
          MtmUserRecordUserRole userRole = (MtmUserRecordUserRole)
              userRoleIDList.get(i);
          this.setPrepareStatement(preStat, i + 1, userRole.getUserRoleID());
        }

        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return (result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized List getRequiredListByObjectTypeObjectID(String objType, Integer objID) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized (dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE=? AND OBJECT_ID=? AND MUST_FLAG=? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objType);
        setPrepareStatement(preStat, 2, objID);
        setPrepareStatement(preStat, 3, GlobalConstant.TRUE);
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return (result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }

  public synchronized List getListByObjectType(String objType) throws ApplicationException {
    PreparedStatement preStat = null;
    ResultSet rs = null;
    StringBuffer sqlStat = new StringBuffer();
    List result = new ArrayList();
    synchronized(dbConn) {
      try {
        sqlStat.append("SELECT ID, USER_ROLE_ID, OBJECT_TYPE, OBJECT_ID, PERMISSION, MUST_FLAG, START_TIME, END_TIME, GRANTER_USER_RECORD_ID, CAN_GRANT, CREATOR_ID, RECORD_STATUS, UPDATE_COUNT, CREATE_DATE, UPDATER_ID, UPDATE_DATE ");
        sqlStat.append("FROM   USER_ROLE_PERMISSION ");
        sqlStat.append("WHERE  OBJECT_TYPE=? ");
        preStat = dbConn.prepareStatement(sqlStat.toString(), ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
        setPrepareStatement(preStat, 1, objType);
        rs = preStat.executeQuery();
        while (rs.next()) {
          UserRolePermission tmpUserRolePermission = new UserRolePermission();
          tmpUserRolePermission.setID(getResultSetInteger(rs, "ID"));
          tmpUserRolePermission.setUserRoleID(getResultSetInteger(rs, "USER_ROLE_ID"));
          tmpUserRolePermission.setObjectType(getResultSetString(rs, "OBJECT_TYPE"));
          tmpUserRolePermission.setObjectID(getResultSetInteger(rs, "OBJECT_ID"));
          tmpUserRolePermission.setPermission(getResultSetString(rs, "PERMISSION"));
          tmpUserRolePermission.setMustFlag(GlobalConstant.TRUE.equals(getResultSetString(rs, "MUST_FLAG")));
          tmpUserRolePermission.setStartTime(getResultSetTimestamp(rs, "START_TIME"));
          tmpUserRolePermission.setEndTime(getResultSetTimestamp(rs, "END_TIME"));
          tmpUserRolePermission.setGranterUserRecordID(getResultSetInteger(rs, "GRANTER_USER_RECORD_ID"));
          tmpUserRolePermission.setCanGrant(getResultSetString(rs, "CAN_GRANT"));
          tmpUserRolePermission.setRecordStatus(getResultSetString(rs, "RECORD_STATUS"));
          tmpUserRolePermission.setUpdateCount(getResultSetInteger(rs, "UPDATE_COUNT"));
          tmpUserRolePermission.setCreatorID(getResultSetInteger(rs, "CREATOR_ID"));
          tmpUserRolePermission.setCreateDate(getResultSetTimestamp(rs, "CREATE_DATE"));
          tmpUserRolePermission.setUpdaterID(getResultSetInteger(rs, "UPDATER_ID"));
          tmpUserRolePermission.setUpdateDate(getResultSetTimestamp(rs, "UPDATE_DATE"));
          tmpUserRolePermission.setCreatorName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getCreatorID()));
          tmpUserRolePermission.setUpdaterName(UserInfoFactory.getUserFullName(tmpUserRolePermission.getUpdaterID()));
          result.add(tmpUserRolePermission);
        }
        return(result);
      } catch (ApplicationException appEx) {
        throw appEx;
      } catch (SQLException sqle) {
        log.error(sqle, sqle);
        throw new ApplicationException(ErrorConstant.DB_GENERAL_ERROR, sqle, sqle.toString());
      } catch (Exception e) {
        log.error(e, e);
        throw new ApplicationException(ErrorConstant.DB_SELECT_ERROR, e);
      } finally {
        try { rs.close(); } catch (Exception ignore) {} finally { rs = null; }
        try { preStat.close(); } catch (Exception ignore) {} finally { preStat = null; }
      }
    }
  }


  
}
